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REMARKS 

This is in response to the Final Office Action mailed on November 10, 2004 , and the 
references cited therewith. 

Claims 1-31 are presently pending in this application. 

§ 703 Rejection of the Claims 

Claims 1-8, 12-13, and 23-30 were rejected under 35 USC § 103(a) as being unpatentable 
over Callaghan et al. (U.S. 2002/0007317) in view of Birrell et al. (U.S. 5,805,803). It is of 
course fundamental that in order to sustain an obviousness rejection that each and every step or 
element in the rejected claims must be taught or suggested in the proposed combination of 
references. Additionally, when two references are combined the proposed combination must be 
practically achievable and must be actually workable for purposes of suggesting a motivation for 
the proposed combination. 

With respect to rejected independent claim 1, Applicant notes that there is no 
authentication of a client to the forward proxy of Callaghan. This makes sense because in 
Callaghan, clients are preconfigured to interact with the forward proxy. Applicant's independent 
claim 1 recites such a limitation, with respect to a transparent proxy, in the phrase: "the policy 
state token is used as an authentication of the client to the transparent proxy." 

The Examiner appears to have relied on Birrell for this teaching as well as the teaching of 
a transparent proxy, and has suggested combining the two for purposes of rendering Applicant's 
invention obvious. Initially, Applicant would like to point out that Birrell does not teach a 
transparent proxy. The proxy discussed and taught in Birrell is a reverse proxy. One of ordinary 
skill in the art readily appreciates the difference. Callaghan taught a forward proxy and now 
Birrell teaches a reverse proxy. The teachings of a forward proxy and a reverse proxy when 
combined do not produce a transparent proxy. 

A forward proxy is preconfigured within and known to a client and us used by a client to 
access a network connection. That is, the client goes through the forward proxy before gaining 
access to the network. A reverse proxy appears on the other side of a network at the origin 
server and appears to the client to be the origin server. A transparent proxy intercepts a client's 
network traffic on the client side. Transparent and forward proxies are accessed by clients before 
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access is obtained to a network. A reverse proxy is accessed on the back end of a destination 
(origin server) for an existing network request and only after a client already has access to and is 
accessing the network. 

The Examiner assumes that the arrangement discussed in Birrell is a transparent proxy. 
This is not the case. The Examiner's attention is directed to FIG. 1 of Birrell and its 
corresponding description. It is clear that the client 1 10 interfaces with the Internet 120 before it 
ever interacts with the proxy-143. This is a classic reverse proxy arrangement and is not a 
transparent proxy arrangement. 

Accordingly, Applicant initially objects to the Examiner's conclusion that Birrell can be 
used to teach a transparent proxy. 

Next, Applicant would like to point out that the proxy 140 of Birrell does not generate a 
token for the client 1 10 to interact with the proxy 143. In Birrell, the client 1 10 is redirected to a 
checker 141 and a token is generated by the checker 141. Emphasis added. See FIGS. 2-3, and 
discussion; and col. 4, lines 37-46: "interchanges with the checker 141, the client computer can 
be provided ... a validation token." The checker provides a cookie and the client uses the 
cookie to interact with the proxy 143. Conversely, Applicant would like to point out that claim 1 
positively states: "generating at the transparent proxy a policy state token in response to the 
policy enforcement data and transmitting the policy state token from the transparent proxy to the 
client 

Therefore, Birrell fails to teach or suggest a state token which is generated by a proxy and 
provided from the proxy to the client, such a limitation is positively recited in Applicant's 
independent claim 1 . 

With respect to rejected independent claims 14, 23, and 27, Applicant notes that the 
proposed combination fails to teach a transparent proxy, which is positively recited in 
Applicant's independent claims 14, 23, and 27. Callaghan discloses and teaches a proxy server 
and Birrell discloses and teaches a reverse proxy. 

In addition, with respect to rejected independent claim 14, Applicant notes that in Birrell 
a client directs a request to the proxy for a resource controlled by that proxy. This is a classic 
reverse proxy technique. Applicant's independent claim 14 states: "the client computer directs a 
request for a resource to an origin server and the request is transparently intercepted by the 
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transparent proxy . . .." Emphasis added. This is not taught or suggested in either Callaghan or 
Birrell, since in Birrell the client sends a request directly to a known proxy and in Birrell the 
client sends the request to a reverse proxy that manages the resource. 

Finally, Applicant would like to point out that the proposed combination of Callaghan 
and Birrell cannot be achieved in the manner recited by the Examiner because both Callaghan 
and Birrell lack any teaching or suggestion of a teaching where a transparent proxy is present. 

Moreover, in Callaghan, it is clear that the forward proxy manages cookies on behalf of 
clients. The Examiner's attention is directed to Callaghan paragraph numbers 26, 49, 50, and 
many more. The forward proxy manages and adds cookie information on behalf of clients. A 
forward proxy that manages cookies for clients is the teachings of Callaghan. 

It would not make any sense for a proxy that manages a client (forward proxy of 
Callaghan) to combine with a proxy that manages target resources (reverse proxy of Birrell) to 
form a single proxy entity. Birrell is directed to managing cookies of a client and Callaghan is 
directed to managing access to target resources within a secure Intranet arrangement. 

One of ordinary skill in the art would not have combined the two into a single proxy 
arrangement, because to do so would have diluted the teachings of Birrell because it would have 
to concern itself with individual management functions for individual clients and would have 
also diluted the teachings of Callaghan because it would have to concern itself with individual 
management functions of an infinite potential of resources. 

The Examiner's proposed combination does not make sense as a practical matter to one 
of ordinary skill in the art. What does make sense is a combination where within the client's 
local environment a forward proxy provides the features of Callaghan and within the target 
resource environment a reverse proxy provides the features of Birrell. Furthermore, this 
combination would not have altered the teachings of either reference and would make logical 
sense. However, the resulting logical combination is in fact two separate and different types of 
proxies, neither of which are a transparent proxy. Thus, the proposed combination cannot be 
made because it still lacks a transparent proxy and because it is not practical and therefore one of 
ordinary skill in the art would not have been motivated to combine in the manner suggested by 
the Examiner. 
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Applicant respectfully asserts that the rejections should be withdrawn, because the 
proposed combination fails to teach each and every aspect that is positively recited in the 
independent claims and because the proposed combination made in the manner cited by the 
Examiner does not work and would not have motivated one of ordinary skill in the art to make 
such a combination. Furthermore, any proposed combination of Callaghan and Birrell still lacks 
a transparent proxy. 

Claims 9-1 1 and 31 were rejected under 35 USC § 103(a) as being unpatentable over 
Callaghan in view of Birrell, and in further view of Shrader et al. (U.S. 6,374,359). Claims 9-1 1 
are dependent from independent claim 1, and claim 31 is dependent from independent claim 27. 
Therefore, the remarks presented above with respect to independent claims 1 and 27, the claims 
9-1 1 and 31 should be allowed and the rejections withdrawn. 

Claims 14-22 were rejected under 35 USC § 103(a) as being unpatentable over Birrell. 
Again, to sustain an obviousness rejection each and every step or element in the rejected claims 
must be taught or suggested in the cited reference. 

Birrell teaches a transparent proxy. Its arrangement and disclosure cannot be used to 
suggest a transparent proxy because the Birrell arrangement is a classic and specific proxy 
arrangement referred to as a reverse proxy. Transparent and reverse proxies are recognized as 
distinct and separate processes and entities in the networking arts and are not viewed in similar 
manners as the Examiner suggests. 

Therefore, Applicant asserts that Birrell fails to teach or suggest a transparent proxy as is 
recited in independent claim 14. Accordingly, the rejection cannot be sustained and Applicant 
respectfully requests that the Examiner reconsider the present position on this matter. 
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CONCLUSION 

Applicant respectfully submits that the claims are in condition for allowance, and 
notification to that effect is earnestly requested. The Examiner is invited to telephone 
Applicant's attorney at (513) 942-0224 to facilitate prosecution of this application. 

If necessary, please charge any additional fees or credit overpayment to Deposit Account 
No. 19-0743. 

Respectfully submitted, 

HASHEM MOHAMMAD EBRAHEvH 
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